MAC: Fix setting loader tunables
ClosedPublic
Actions

Authored by zlei on Sat, Feb 8, 9:06 AM.

Details

Reviewers

olce
kib

Commits

rG3afa8f08bcd5: MAC: mac_biba, mac_lomac: Fix setting loader tunables
rG87836ab994c2: MAC: mac_biba, mac_lomac: Fix setting loader tunables
rG04f360b78220: MAC: mac_biba, mac_lomac: Fix setting loader tunables
rG7d4c0fac8c7d: MAC: mac_biba, mac_lomac: Fix setting loader tunables

Summary

For a variable string, the len parameter should be set to the size of it
rather than 0. The latter means a constant null-terminated string.

Fixes: 3da1cf1e88f8 Extend the meaning of the CTLFLAG_TUN flag ...
Fixes: af3b2549c4ba Pull in r267961 and r267973 again ...
MFC after: 1 week

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

zlei created this revision.Sat, Feb 8, 9:06 AM

Herald added a subscriber: imp. · View Herald TranscriptSat, Feb 8, 9:06 AM

zlei requested review of this revision.Sat, Feb 8, 9:06 AM

Before the changes, setting security.mac.{lomac,biba}.trusted_interfaces would have no effect at all (because the trusted_interfaces[] arrays would be filled with 0 at load). I think this problem was introduced by the second fixed commit you listed, which means this has not worked for ~10 years at least.

This revision is now accepted and ready to land.Sat, Feb 8, 10:34 AM

kib accepted this revision.Sun, Feb 9, 4:31 AM

CC @jhb .
Those two MAC modules were obtained from TrustedBSD Project. I see @jhb was back porting commits from FreeBSD to TrustedBSD. So I guess @jhb may be interested with this fix.